安全配置流程 (Nico)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw configuration workflow that can change local config, but the behavior fits its purpose and requires user confirmation.

Install only if you want an agent to help manage OpenClaw configuration. Keep each change explicitly OpenClaw-scoped, confirm the exact fields before edits, review backups and diffs after `doctor --fix`, avoid disruptive tests during important Gateway use, and do not let `MEMORY.md` contain secrets or tokens.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger conditions are very broad and overlap with many ordinary requests about settings, which can cause this skill to activate in situations the user did not intend. Because the skill performs configuration edits and follow-up commands on a sensitive local config file, ambiguous invocation increases the chance of unauthorized or surprising state changes.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill writes to `~/.openclaw/openclaw.json` and persists derived information to `MEMORY.md`, but it does not prominently disclose those side effects in its description. Hidden persistence and file modification are dangerous because users may invoke the skill expecting advice or validation, while it actually changes configuration and stores potentially sensitive operational details.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal